rita-legacy
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

BeaKer
Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana

passer
Passive service locator, a python sniffer that identifies servers, clients, names and much more

threat-tools
Tools for simulating threats

rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

threat-hunting-labs
Collection of walkthroughs on various threat hunting techniques

espy
Endpoint detection for remote hosts for consumption by RITA and Elasticsearch

smudge
Passive OS detection based on SYN packets without Transmitting any Data

pcap-stats
Learn about a network from a pcap file or reading from an interface

bro-install
An Installation Script for Bro IDS on Debian Based Systems

zcutter
Extracts fields from zeek logs, compatible with zeek-cut

devprof
Device profile: Define acceptable amounts of traffic for your devices and see a report of outliers.

sniffer-template
Template for building a packet sniffer

zeek-open-connections

ipfix-rita
Collect IPFIX / Netflow v9 Records and Ship them to RITA for Analysis

rita-bl
Real Intelligence Threat Analytics -- Blacklist Database

mongo-diff
A Python script for diff'ing mongo databases

zeekcfg
A node.cfg generator for zeekctl

zeek-log-transport
This script ships logs from Zeek to AC-Hunter

pi_show
Python script/library for displaying text and graphics on Raspberry Pi PiOled Hat

shell-lib
Shell Scripts Used Across ActiveCM Projects

certificate-issues
Identifies certificate problems from Zeek ssl log files

pi_project_installer
A support library and set of scripts to simplify installing software on the Raspberry Pi/Raspbian

rita-blacklist
Real Intelligence Threat Analytics -- Blacklist Database

mgosec
A Small Helper Library For Securing MongoDB Connections with Golang

bro-rita
A bro plugin for writing log data to MongoDB for use with RITA

safelist-tools
Tools for working with the safelist (formerly whitelist)

docker-ca
A Docker Image For OpenSSL Certificate Authorities (For Testing)

pcap-resources
Support files and tools for pcap analysis and packet capture

zeek-log-clean
Delete Zeek log files until disk usage is under a given threshold

save_json_stream
JSON TCP stream importer for RITA and AC-Hunter

DBTest
Managed Integration Testing Dependencies via Docker for Go

bro-rita-test
Compares bro-rita against rita's built in parsing

bro-mongodb